SCYNEXIS (SCYX) Risk Factors

Provisions in our amended and restated certificate of incorporation and our bylaws may delay or prevent an acquisition of us, including the ability of our board of directors to establish new series of preferred stock and issue shares of these new series, which could be used by our board of directors to oppose a hostile takeover attempt, which some stockholders may believe would be in the best interests of stockholders. In addition, these provisions may frustrate or prevent any attempts by our stockholders to replace or remove our current management by making it more difficult for stockholders to replace members of our board of directors, which is responsible for appointing the members of our management, including the elimination of cumulative voting, inability of our stockholders to call special meetings or take action by written consent, ability of our board of directors to fill board vacancies, and ability of our board of directors to determine the size of the board of directors. In addition, we are subject to Section 203 of the Delaware General Corporation Law, which generally prohibits stockholders owning in excess of 15% of our outstanding voting stock from merging or combining with us. Finally, our charter documents establish advance notice requirements for nominations for election to our board of directors and for proposing matters that can be acted upon at stockholder meetings. Although we believe these provisions together provide for an opportunity to receive higher bids by requiring potential acquirers to negotiate with our board of directors, they would apply even if the offer may be considered beneficial by some stockholders.

Under current law, federal net operating losses incurred in tax years beginning after December 31, 2017, may be carried forward indefinitely, but the deductibility of such federal net operating loss carryforwards in a taxable year is limited to 80% of taxable income in such year. Portions of our state and federal net operating loss carryforwards began to expire in 2019. In addition, under Sections 382 and 383 of the Internal Revenue Code of 1986, as amended, and corresponding provisions of state law, if a corporation undergoes an "ownership change" (generally defined as a greater than 50 percentage point change (by value) in the equity ownership of certain stockholders over a rolling three-year period), the corporation's ability to use its pre-change net operating loss carryforwards and other pre-change tax attributes to offset its post-change income and taxes may be limited. We have determined that ownership changes have occurred and as a result, a portion of our NOL carryforwards are limited. We may also experience ownership changes in the future as a result of subsequent issuances of our common stock or other shifts in our stock ownership some of which may be outside of our control. In addition, at the state level, there may be periods during which the use of net operating loss carryforwards is suspended or otherwise limited, which could accelerate or permanently increase state taxes owed. As a result, we may be unable to use all or a material portion of our net operating loss carryforwards and other tax attributes, which could adversely affect our future cash flows.

On March 7, 2019, we entered into a senior convertible note purchase agreement with Puissance Life Science Opportunities Fund VI (Puissance), pursuant to which we issued and sold to Puissance $16 million of our 6.0% senior convertible notes due 2025. We may be required to repay the outstanding notes if an event of default occurs under the note purchase agreements. Under the note purchase agreements, an event of default will occur if, among other things: we fail to make payments under the note purchase agreement; we breach any of our covenants under the note purchase agreements, subject to specified cure periods with respect to certain breaches; or we or our subsidiaries become subject to bankruptcy, insolvency or reorganization proceedings. We may not have enough available cash or be able to raise additional funds through equity or debt financings to repay such indebtedness at the time any such event of default occurs. In this case, we may be required to delay, limit, reduce or terminate our product development or commercialization efforts or grant to others rights to develop and market product candidates that we would otherwise prefer to develop and market ourselves. Our business, financial condition and results of operations could be materially adversely affected as a result of any of these events.

As of March 1, 2024, we had 29 full time employees. Further, as we advance ibrexafungerp and SCY-247 through preclinical studies, clinical trials and commercialization for other indications, we will need to increase our product development, scientific, marketing, sales and administrative headcount to manage these efforts. Our management, personnel and systems currently in place may not be adequate to support this future growth. Our need to effectively manage our operations, growth and various projects requires that we: - successfully attract and recruit new employees with the expertise and experience we will require;- manage our clinical programs effectively, which we anticipate being conducted at numerous clinical sites;- develop a marketing and sales infrastructure; and - continue to develop our operational, financial and management controls, reporting systems and procedures. If we are unable to successfully manage this growth, our business may be adversely affected.

In the ordinary course of business, we collect, receive, store, process, generate, use, transfer, disclose, make accessible, protect, secure, dispose of, transmit, and share confidential, proprietary, and sensitive information, including personal data, business data, trade secrets, intellectual property, information we collect about trial participants in connection with clinical trials, sensitive third-party data, business plans, transactions, and financial information. Our data processing activities may subject us to numerous data privacy and security obligations, such as various laws, regulations, guidance, industry standards, external and internal privacy and security policies, contractual requirements, and other obligations relating to data privacy and security. In the U.S., federal, state, and local governments have enacted numerous data privacy and security laws and regulations, including data breach notification laws, personal data privacy laws, consumer protection laws (e.g., Section 5 of the Federal Trade Commission Act), and other similar laws (e.g., wiretapping laws). For example, HIPAA, as amended by the Health Information Technology for Economic and Clinical Health Act of 2009, and its implementing regulations, impose certain obligations with respect to safeguarding the privacy, security and transmission of individually identifiable health information on "covered entities," such as certain healthcare providers, health plans, and healthcare clearinghouses and their respective "business associates" that perform services for them. In addition, in the past few years, numerous U.S. states-including California, Virginia, Colorado, Connecticut, and Utah-have enacted comprehensive data privacy and security laws that impose certain obligations on covered businesses, including providing specific disclosures in privacy notices and affording residents with certain rights concerning their personal data. As applicable, such rights may include the right to access, correct, or delete certain personal data, and to opt-out of certain data processing activities, such as targeted advertising, profiling, and automated decision-making. The exercise of these rights may impact our business and ability to provide our products and services. Certain states also impose stricter requirements for processing certain personal data, including sensitive information, such as conducting data privacy impact assessments. These state laws allow for statutory fines for noncompliance. For example, the California Consumer Privacy Act of 2018 (CCPA), as amended by the California Privacy Rights Act of 2020, applies to personal data of consumers, business representatives, and employees, and requires businesses to provide specific disclosures in privacy notices and honor requests of California residents to exercise certain privacy rights. The CCPA provides for civil penalties for violations of up to $7,500 per violation, as well as a private right of action for individuals impacted by certain data breaches. The CCPA and other comprehensive state data privacy and security laws exempt some data processed in the context of clinical trials, but these developments may further complicate compliance efforts, and increase legal risk and compliance costs for us, the third parties upon whom we rely. Similar laws are being considered in several other states, as well as at the federal and local levels, and we expect more states to pass similar laws in the future. These developments may further complicate compliance efforts, and increase legal risk and compliance costs for us and the third parties upon whom we rely. Outside the U.S., an increasing number of laws, regulations, and industry standards may govern data privacy and security, including information that we collect about patients in connection with clinical trials and our other operations abroad. For example, the EU's General Data Protection Regulation (EU GDPR) and the United Kingdom's GDPR (UK GDPR) impose strict requirements for processing personal data, including health-related information. For example, under the EU GDPR, companies may face temporary or definitive bans on data processing and other corrective actions; fines of up to the greater of 20 million euros or 4% of annual global revenue, whichever is greater; or private litigation related to processing of personal data brought by classes of data subjects or consumer protection organizations authorized at law to represent their interests. In addition, we may be unable to transfer personal data from Europe and other jurisdictions to the United States or other countries due to data localization requirements or limitations on cross-border data flows. Europe and other jurisdictions have enacted laws requiring data to be localized or limiting the transfer of personal data to other countries. In particular, the European Economic Area (EEA) and the United Kingdom (UK) have significantly restricted the transfer of personal data to the United States and other countries whose data privacy and security laws they believe are inadequate. Other jurisdictions may adopt similarly stringent interpretations of their data localization and cross-border data transfer laws. Although there are currently various mechanisms that may be used to transfer personal data from the EEA and UK to the United States in compliance with law, such as the EEA standard contractual clauses, the UK's International Data Transfer Agreement / Addendum, and the EU-U.S. Data Privacy Framework and the UK extension thereto (which allows for transfers to relevant U.S.-based organizations who self-certify compliance and participate in the Framework), these mechanisms are subject to legal challenges, and there is no assurance that we can satisfy or rely on these measures to lawfully transfer personal data to the United States. If there is no lawful manner for us to transfer personal data from the EEA, the UK, or other jurisdictions to the United States, or if the requirements for a legally-compliant transfer are too onerous, we could face significant adverse consequences, including the interruption or degradation of our operations, the need to relocate part of or all of our business or data processing activities to other jurisdictions at significant expense, increased exposure to regulatory actions, substantial fines and penalties, the inability to transfer data and work with partners, vendors and other third parties, and injunctions against our processing or transferring of personal data necessary to operate our business. Additionally, companies that transfer personal data out of the EEA and UK to other jurisdictions, particularly to the United States, are subject to increased scrutiny from regulators, individual litigants, and activities groups. Some European regulators have ordered certain companies to suspend or permanently cease certain transfers of personal data out of Europe for allegedly violating the EU GDPR's cross-border data transfer limitations. In addition to data privacy and security laws, we are or may become contractually subject to industry standards adopted by industry groups and may become subject to such obligations in the future. We are also bound by other contractual obligations related to data privacy and security, and our efforts to comply with such obligations may not be successful. We publish privacy policies, marketing materials, and other statements, such as compliance with certain certifications or self-regulatory principles, regarding data privacy and security. If these policies, materials or statements are found to be deficient, lacking in transparency, deceptive, unfair, or misrepresentative of our practices, we may be subject to investigation, enforcement actions by regulators, or other adverse consequences. Obligations related to data privacy and security are quickly changing, becoming increasingly stringent, and creating regulatory uncertainty. Additionally, these obligations may be subject to differing applications and interpretations, which may be inconsistent or conflict among jurisdictions. Preparing for and complying with these obligations requires us to devote significant resources and may necessitate changes to our services, information technologies, systems, and practices and to those of any third parties that process personal data on our behalf. We may at times fail (or be perceived to have failed) in our efforts to comply with our data privacy and security obligations. Moreover, despite our efforts, our personnel or third parties on whom we rely may fail to comply with such obligations, which could negatively impact our business operations. If we or the third parties on which we rely fail, or are perceived to have failed, to address or comply with applicable data privacy and security obligations, we could face significant consequences, including but not limited to: government enforcement actions (e.g., investigations, fines, penalties, audits, inspections, and similar); litigation (including class-action claims); additional reporting requirements and/or oversight; bans on processing personal data; and orders to destroy or not use personal data. Any of these events could have a material adverse effect on our reputation, business, or financial condition, including but not limited to: loss of customers; inability to process personal data or to operate in certain jurisdictions; limited ability to develop or commercialize our products; expenditure of time and resources to defend any claim or inquiry; adverse publicity; or substantial changes to our business model or operations.

We currently have a development license and supply agreement with R-Pharm, a leading supplier of hospital drugs in Russia, pursuant to which we license to R-Pharm rights to develop and commercialize ibrexafungerp in the field of human health in Russia and certain smaller non-core markets. R-Pharm will pay us milestone payments upon the achievement of specified milestones, including registration of ibrexafungerp in a country and upon the achievement of specified levels of sales. In addition, R-Pharm will pay us royalties upon sales of ibrexafungerp by R-Pharm. We are relying on R-Pharm to commercialize ibrexafungerp in the countries covered by our agreement with it, and if R-Pharm is not able to commercialize ibrexafungerp in those countries, or determines not to pursue commercialization of ibrexafungerp in those countries, we will not receive any milestone or royalty payments under the agreement. On February 24, 2022, Russia launched an invasion of Ukraine which has resulted in increased volatility in various financial markets and across various sectors. The U.S. and other countries, along with certain international organizations, have imposed economic sanctions on Russia and certain Russian individuals, banking entities and corporations as a response to the invasion. The extent and duration of the military action, resulting sanctions and future market disruptions in the region are impossible to predict. Moreover, the ongoing effects of the hostilities and sanctions may not be limited to Russia and Russian companies and may spill over to and negatively impact other regional and global economic markets of the world, including Europe and the U.S. The ongoing military action along with the potential for a wider conflict could further increase financial market volatility and cause negative effects on regional and global economic markets, industries, and companies. It is not currently possible to determine the severity of any potential adverse impact of this event on our financial condition, or more broadly, upon the global economy.

The commercial success of BREXAFEMME, ibrexafungerp for other indications or any other product candidates we may seek to develop will depend upon the acceptance of these product candidates among physicians, patients, the medical community and healthcare payors. The degree of market acceptance of product candidates will depend on a number of factors, including: - limitations or warnings contained in the FDA-approved labeling;- changes in the standard of care for the targeted indications;- limitations in the approved indications;- availability of alternative therapies with potentially advantageous results, or other products with similar results at similar or lower cost, including generics and over-the-counter products;- lower demonstrated clinical safety or efficacy compared to other products;- occurrence of significant adverse side effects;- ineffective sales, marketing and distribution support;- lack of availability of coverage and adequate reimbursement from governmental health care programs, managed care plans and other third-party payors;- timing of market introduction and perceived effectiveness of competitive products;- lack of cost-effectiveness;- adverse publicity about our product candidates or favorable publicity about competitive products;- lack of convenience and ease of administration; and - potential product liability claims. If BREXAFEMME, or ibrexafungerp for other indications or any future product candidates we may seek to develop are approved, but do not achieve an adequate level of acceptance by physicians, healthcare payors and patients, sufficient revenue may not be generated from these product candidates, and we may not become or remain profitable. In addition, efforts to educate the medical community and third-party payors on the benefits of our product candidates may require significant resources and may never be successful.

Successful commercialization of pharmaceutical products usually depends on the availability of coverage and adequate reimbursement from third-party payors, including commercial insurers and federal and state healthcare programs. Patients and/or healthcare providers who purchase drugs generally rely on third-party payors to reimburse all or part of the costs associated with such products. As such, coverage and adequate reimbursement from third-party payors can be essential to new product acceptance and may have an effect on pricing. We do not know the extent to which BREXAFEMME will be able to obtain favorable coverage and adequate reimbursement from third-party payors. If we choose to bring other product candidates to market, they will be subject to similar uncertainty. We believe that ibrexafungerp and any other product candidates that are brought to market are less likely to be purchased by patients and/or providers if they are not adequately reimbursed by third-party payors. In the United States, no uniform policy of coverage and reimbursement for drug products exists among third-party payors. As a result, the coverage determination process is often a time-consuming and costly process that will require us to provide scientific and clinical support for the use of our products to each payor separately, with no assurance that coverage and adequate reimbursement will be obtained. Furthermore, the market for our product candidates may depend on access to third-party payors' drug formularies, or lists of medications for which third-party payors provide coverage and reimbursement. Industry competition to be included in such formularies results in downward pricing pressures on pharmaceutical companies. Third-party payors may refuse to include a particular branded drug in their formularies when a competing generic product is available. The adoption of certain payment methodologies by third-party payors may limit our ability to profit from the sale of ibrexafungerp. For example, under Medicare, hospitals are reimbursed under an inpatient prospective payment system. This pricing methodology provides a single payment amount to hospitals based on a given diagnosis-related group. As a result, with respect to Medicare reimbursement for services in the hospital inpatient setting, hospitals could have a financial incentive to use the least expensive drugs for the treatment of invasive fungal infections, particularly the IV formulations of these drugs, as they are typically administered in the hospital, which may significantly impact our ability to charge a premium for ibrexafungerp. Coverage policies and third-party reimbursement rates may change at any time. Even if favorable coverage and reimbursement status is attained for BREXAFEMME or other products for which the Company receives regulatory approval, less favorable coverage policies and reimbursement rates may be implemented in the future. All third-party payors, whether governmental or commercial, are developing increasingly sophisticated methods of controlling healthcare costs, including mechanisms to encourage the use of generic drugs. Congress has also considered policies to lower the reimbursement formulas in federal and state healthcare programs. Furthermore, coverage of, and reimbursement for, drugs can differ significantly from payor to payor and may require significant time and resources to obtain. In addition, new laws or regulations could impact future coverage and reimbursement.